Puppet Ssl Sign Certificate Setup - Puppet (software)

What Is Puppet SSL Sign Certificate Setup?

Once the Puppet agent software runs for the initial time on any Puppet node, it produces a certificate and sends the certificate signing appeal to the Puppet master. Earlier the Puppet server is able to connect and control the agent nodes, it necessarily signs that specific agent node’s certificate. In the resulting sections, we will define how to sign and check for the signing request.

List Current Certificate Requests

On the Puppet master, run the resulting command to see all unsigned certificate requests.

As we have just set up a new agent node, we will see one appeal for agreement. Resulting will be the output.

It does not comprise any + (sign) in the beginning, which specifies that the certificate is still not signed.

Sign a Request

In order to sign the new certificate invitation which was produced when the Puppet agent run took place on the new node, the Puppet cert sign command would be used, with the host name of the certificate, which was produced by the recently configured node that needs to be signed. As we have Brcleprod004.brcl.com’s certificate, we will use the resulting command.

Resulting will be the output.

The puppet sever can now communicate to the node, where the sign certificate belongs.

Revoking the Host from the Puppet Setup

There are conditions on configuration of kernel rebuild when it wants to eliminating the host from the setup and adding it again. These are those conditions which cannot be achieved by the Puppet itself. It could be done using the resulting command.

Viewing All Signed Requests

The resulting command will produce a list of signed certificates with + (sign) which specifies that the request is approved.

Resulting will be its output.

When the above is done, we have our organization ready in which the Puppet master is now accomplished of handling recently added nodes.

All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

Puppet (software) Topics